As the virtualization of information technology infrastructure increases, so does the amount of storage space that is used. This trend may accelerate with the implementation of various cloud-computing scenarios. Indeed, the ease of virtualization tends to lure administrators into creating any number of virtual machines (VMs) without careful consideration of the amount and type of disk space that might be needed. As a result, the security of access to memory that has been allocated to a particular VM may be compromised.
For example, in a virtualized environment, VMs often manage sensitive information in main memory during the execution of software applications. Such information includes passwords, private keys, session keys, secrets, and certificates. In addition, hypervisors provide the ability to take snapshots of memory, and to clone or suspend the operation of the VM. As a result, VM memory is frequently stored on the hard disk as a file, which persists on the disk in a format that is understood by the hypervisor. Storing sensitive information on the disk in this manner may give rise to a variety of security threats. Some attempts have been made to solve this problem, but they are hardware-specific, and do not readily apply to the virtual processing environment.